Wikipedia

Data security

Data security means protecting digital data, such as those in a database, from destructive forces and from the unwanted actions of unauthorized users,[1] such as a cyberattack or a data breach.[2]

Technologies

Disk encryption

Disk encryption refers to encryption technology that encrypts data on a hard disk drive.[3] Disk encryption typically takes the form of either software (see disk encryption software) or hardware (see disk encryption hardware). Disk encryption is often referred to as on-the-fly encryption (OTFE) or transparent encryption.

Software versus hardware-based mechanisms for protecting data

Software-based security solutions encrypt the data to protect it from theft. However, a malicious program or a hacker could corrupt the data to make it unrecoverable, making the system unusable. Hardware-based security solutions prevent read and write access to data, which provides very strong protection against tampering and unauthorized access.

Hardware-based security or assisted computer security offers an alternative to software-only computer security. Security tokens such as those using PKCS#11 or a mobile phone may be more secure due to the physical access required in order to be compromised.[4] Access is enabled only when the token is connected and the correct PIN is entered (see two-factor authentication). However, dongles can be used by anyone who can gain physical access to them. Newer technologies in hardware-based security solve this problem by offering full proof of security for data.[5]

Working of hardware-based security: A hardware device allows a user to log in, log out and set different levels through manual actions. The device uses biometric technology to prevent malicious users from logging in, logging out, and changing privilege levels. The current state of a user of the device is read by controllers in peripheral devices such as hard disks. Illegal access by a malicious user or a malicious program is interrupted, based on the current state of a user, by hard disk and DVD controllers, making illegal access to data impossible. Hardware-based access control is more secure than the protection provided by operating systems, as operating systems are vulnerable to malicious attacks by viruses and hackers. The data on hard disks can be corrupted after malicious access is obtained. With hardware-based protection, the software cannot manipulate the user privilege levels. A hacker or a malicious program cannot gain access to secure data protected by hardware or perform unauthorized privileged operations. This assumption is broken only if the hardware itself is malicious or contains a backdoor.[6] The hardware protects the operating system image and file system privileges from being tampered with. Therefore, a completely secure system can be created using a combination of hardware-based security and secure system administration policies.

Backups

Backups are used to ensure data that is lost can be recovered from another source. It is considered essential to keep a backup of any data in most industries and the process is recommended for any files of importance to a user.[7]

Data masking

Data masking of structured data is the process of obscuring (masking) specific data within a database table or cell to ensure that data security is maintained and sensitive information is not exposed to unauthorized personnel.[8] This may include masking the data from users (for example so banking customer representatives can only see the last four digits of a customer's national identity number), developers (who need real production data to test new software releases but should not be able to see sensitive financial data), outsourcing vendors, etc.[9]
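The two cases in the paragraph above, as an added example that is not part of the original article: a support agent's view that shows only the last four digits of a national identity number, and a developer's copy in which sensitive values are replaced by keyed, format-preserving substitutes. The rows, role names and masking key are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample rows; every name and number is made up.
CUSTOMERS = [
    {"id": 1, "name": "Alice Example", "national_id": "123-45-6789", "balance": "1520.75"},
    {"id": 2, "name": "Bob Example", "national_id": "987-65-4321", "balance": "88.10"},
]

# Hypothetical masking key; it must never be stored alongside the masked copy.
MASKING_KEY = b"constructed-demo-key"


def mask_last_four(value: str) -> str:
    """Star out every digit except the last four; separators are kept."""
    total = sum(ch.isdigit() for ch in value)
    # Values with four or fewer digits are masked completely.
    first_visible = total - 4 if total > 4 else total
    seen, out = 0, []
    for ch in value:
        if ch.isdigit():
            out.append(ch if seen >= first_visible else "*")
            seen += 1
        else:
            out.append(ch)
    return "".join(out)


def pseudonymize_digits(value: str, key: bytes = MASKING_KEY) -> str:
    """Swap each digit for a keyed, deterministic substitute (same format)."""
    digest = hmac.new(key, value.encode(), hashlib.sha256).digest()
    if sum(ch.isdigit() for ch in value) > len(digest):
        raise ValueError("value has more digits than this demo can substitute")
    stream = iter(digest)
    return "".join(str(next(stream) % 10) if ch.isdigit() else ch for ch in value)


def view_for(role: str, row: dict) -> dict:
    """Return the copy of a row that the given role is allowed to see."""
    if role == "support_agent":
        return {**row, "national_id": mask_last_four(row["national_id"])}
    if role == "developer":
        return {
            "id": row["id"],  # keys stay intact so joins still work
            "name": f"Customer {row['id']}",
            "national_id": pseudonymize_digits(row["national_id"]),
            "balance": pseudonymize_digits(row["balance"]),
        }
    # Any role without an explicit masked view gets nothing.
    raise PermissionError(f"no masked view is defined for role {role!r}")
```

Because the substitution is deterministic under one key, the same national identity number maps to the same masked value in every table, so test data keeps its referential integrity.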

Data erasure

Data erasure is a method of software-based overwriting that completely wipes all electronic data residing on a hard drive or other digital media to ensure that no sensitive data is lost when an asset is retired or reused.[10]

International laws and standards

International laws

In the UK, the Data Protection Act is used to ensure that personal data is accessible to those whom it concerns, and provides redress to individuals if there are inaccuracies.[11] This is particularly important to ensure individuals are treated fairly, for example for credit checking purposes. The Data Protection Act states that only individuals and companies with legitimate and lawful reasons can process personal information, and that it cannot be shared. Data Privacy Day is an international holiday started by the Council of Europe that occurs every January 28.[12]

Since the General Data Protection Regulation (GDPR) of the European Union (EU) became law on May 25, 2018, organizations may face significant penalties of up to €20 million or 4% of their annual revenue if they do not comply with the regulation.[13] It is intended that GDPR will force organizations to understand their data privacy risks and take the appropriate measures to reduce the risk of unauthorized disclosure of consumers’ private information.[14]

International standards

The international standards ISO/IEC 27001:2013 and ISO/IEC 27002:2013 cover data security under the topic of information security, and one of their cardinal principles is that all stored information, i.e. data, should be owned so that it is clear whose responsibility it is to protect and control access to that data.[15][16] The following are examples of organizations that help strengthen and standardize computing security:

The Trusted Computing Group is an organization that helps standardize computing security technologies.

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary international information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, automated teller machines, and point of sale cards.[17]

The General Data Protection Regulation (GDPR) proposed by the European Commission will strengthen and unify data protection for individuals within the EU, whilst addressing the export of personal data outside the EU.

References

  1. Summers, G. (2004). Data and databases. In: Koehne, H. Developing Databases with Access: Nelson Australia Pty Limited. pp. 4–5.
  2. "Knowing Your Data to Protect Your Data". IT Business Edge. 2017-09-25. Retrieved 2022-11-03.
  3. "Full disk encryption (FDE)". encyclopedia.kaspersky.com. Retrieved 2022-11-03.
  4. Thanh, Do van; Jorstad, Ivar; Jonvik, Tore; Thuan, Do van (2009). "Strong authentication with mobile phone as security token". 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems. pp. 777–782. doi:10.1109/MOBHOC.2009.5336918. ISBN 978-1-4244-5114-2. S2CID 5470548.
  5. Stubbs, Rob (Sep 10, 2019). "Why the World is Moving to Hardware-Based Security". Fortanix. Retrieved 30 September 2022.
  6. Waksman, Adam; Sethumadhavan, Simha (2011), "Silencing Hardware Backdoors" (PDF), Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California, archived (PDF) from the original on 2013-09-28
  7. "Back ups Stay Smart Online". Archived from the original on 2017-07-07.
  8. "Data Masking Definition". Archived from the original on 2017-02-27. Retrieved 1 March 2016.
  9. "data masking". Archived from the original on 5 January 2018. Retrieved 29 July 2016.
  10. Michael Wei; Laura M. Grupp; Frederick E. Spada; Steven Swanson (2011). "Reliably Erasing Data From Flash-Based Solid State Drives". FAST'11: Proceedings of the 9th USENIX conference on File and storage technologies. Wikidata Q115346857. Retrieved 2022-11-22.
  11. "data protection act". Archived from the original on 13 April 2016. Retrieved 29 July 2016.
  12. Peter Fleischer, Jane Horvath, Shuman Ghosemajumder (2008). "Celebrating data privacy". Google Blog. Archived from the original on 20 May 2011. Retrieved 12 August 2011.
  13. "GDPR Penalties". Archived from the original on 2018-03-31.
  14. "Detect and Protect for Digital Transformation". Informatica. Retrieved 27 April 2018.
  15. "ISO/IEC 27001:2013". ISO. 16 December 2020. Retrieved 2022-11-03.
  16. "ISO/IEC 27002:2013". ISO. 15 April 2021. Retrieved 2022-11-03.
  17. "PCI DSS Definition". Archived from the original on 2 March 2016. Retrieved 1 March 2016.

External links

  • Getting Ready for New Data Laws - Local Gov Magazine
  • EU General Data Protection Regulation (GDPR)
  • Countering ransomware attacks
